<?php

class security extends service {
	
	public function __construct(){
		$this->encryption = "sha1";
		$this->salt = "1-2-3-4-5-6-7-8-9-1";
	}
	
	# This generates a salt, a random combination of numbers like this "4-5-6-7-8-9"
	#
	# @return $salt
	function generate_salt () {
		$salt = rnd (0, 9).'-'.rnd (0, 9).'-'.rnd (0, 9).'-'.rnd (0, 9).'-'.rnd (0, 9).'-'.rnd (0, 9);
		$salt .= '-'.rnd (0, 9).'-'.rnd (0, 9).'-'.rnd (0, 9).'-'.rnd (0, 9).'-'.rnd (0, 9).'-'.rnd (0, 9);
		return $salt;
	}
	
	# This generates a double MD5 encoded string (Hash)
	#
	# @param string
	# @return doubled md5 string
	# @todo note by vain: fmpov the double encoding is somehow security by obscurity ?
	# 		is there an alternative?
	# 		note by xsign: well - it does help to NOT gain the password. You habe to decrypt
	# 		to an 32 digit password first, to get to the real password. So: no way to gain the real password.
	# 		Anyway: The SALT will the all the job to crash every hacking attempt.
	function generate_md5 ($string = '') {
		return md5 (md5 ($string));
	}

	#
	# Простой мд5, чтобы от меня отстал Кирилка
	#
	function holy_md5 ($string = '') {
		return md5 ($string);
	}
	
	# This generates a double SHA1 encoded string (Hash)
	#
	# @param string
	# @return doubled sha1 string
	function generate_sha1 ($string = '') {
		return sha1 (sha1 ($string));
	}
	
	# This builds a salted Hash string (Cookie Hash)
	#
	# @global $cfg
	# @param string
	# @return $hash
	function build_salted_hash ($string = '') {

		$salt = explode ('-', $this->salt);

		switch ($this->encryption) {
			case 'sha1':
				$hash = $this->generate_sha1 ($string);
				break;

			case 'md5':
				$hash = $this->generate_md5 ($string);
				break;
		}

			
		for ($x=0; $x<6; $x++) {	
			$hash = @str_replace ($salt[$x], $salt[$x + 6], $hash);
		}
		

		return $hash;
	}

	# Build the DB salted Hash
	#
	# @param string
	# @return hash
	function db_salted_hash ($string = '') {
		return $this->build_salted_hash ($this->build_salted_hash ($string));
	}
}

?>
